Comment by JimDabell

Malware exists, but you are only focusing on the benefit of removing user freedoms. Can you provide a similar analysis of the costs, or do you just ignore them because they are hard to reason about?

F-Droid is a massive win for the mobile ecosystem, probably the last bastion of useful free software for mobile devices. Being able to build an APK at home and run it on my phone is the ideal way computers should be used. But you can't put a price on these freedoms.

You're advocating for a system that removes the least abusive app store so we can hand more control to the most abusive app store. I can't support that, especially when it's glaringly obvious that walled app store are neither necessary nor sufficient to provide safety for users.

I think your comment highlights the balancing act of providing an open platform while also protecting the average user. I'm sure everyone here knows that the average technology user is not the brightest or savvy. Making changes like putting scare screens before side loading an app is a good compromise on the user side. However it does make it more difficult for app developers to distribute their apps that way. Anyone with basic security training will be cautious about going further. So you've effectively limited your audience just to power users.

However moving to a whitelist system I think is counterproductive. Especially when Google is the only one with the power to edit that list. There is a reason Microsoft or Apple never went down this route in the name of security. It's just too much of a burden on them and it hinders power users, hobbyists, and small developers. Cases where one might want to keep their identity to themselves are edge cases but they are VERY important edge cases.

I know the situation in Singapore and Thailand and I was curious if there would be anyone mentioning it in this discussion. Thank you for your comment, you should be upvoted.

All of those links 404s for me. Can you explain how the malware works? You are aware that it's not the app store that protects you, but the sandboxing? Are these impersonation vectors, ie phishing?

When governments across the globe are becoming more authoritarian, we need to protect our ability to run whatever app we want. Otherwise they'll ban communication apps when we step out of line and protest, as we've seen in places like Hong Kong on more locked down platforms like iOS. This isn't about power users. It doesn't matter how many links you post. The US is literally turning into an authoritarian dictatorship before our eyes. Germany's AfD now commands 25% of the vote and it keeps increasing. Far right parties are gaining ground everywhere.

We can't be handwringing about safety right now, because our right to free speech and to protest are at stake. Our democracies are at stake here.

The vast, vast majority of android malware that's used is on the Google play store. Because that's where the vast, vast majority of apps are from.

This is a completely made up and hallucinated problem. I will not mince words - this is a blatant attempt at deception.

We do not need to block sideloading to:

1. Stop malicious apps (does nothing)

2. Stop users from side loading

If we want to stop sideloading, we can simply introduce an arduous process to enable side loading. For example - consider turning on ADB. Do we vaporize ADB? No, because that's fucking stupid.

But now when it comes to apps, that little nugget of information is suddenly conveniently not considered.